SurgeLDAP 1.0 d - Full Path Disclosure
| EKU-ID: 28486 | CVE: | OSVDB-ID: |
| Author: Ziv Kamir | Published: 2003-08-13 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28486 | CVE: | OSVDB-ID: |
| Author: Ziv Kamir | Published: 2003-08-13 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/8406/info SurgeLDAP is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing an HTTP GET request for an invalid resource. This issue exists in the web server component of SurgeLDAP. http://www.example.com:6680/aaa.html